﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Xml;
public partial class quytrinh3 : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
       
        //Response.Write("<script LANGUAGE='JavaScript' >alert('"+NguoiNhan.diaChi+"')</script>");

        if (!IsPostBack)
        {
            ViewState["PreviousPage"] = Request.UrlReferrer;
        }

    }
    public void back(object sender, EventArgs e)
    {
        if (ViewState["PreviousPage"] != null)	//Check if the ViewState 
        //contains Previous page URL
        {
            Response.Redirect(ViewState["PreviousPage"].ToString());//Redirect to 
            //Previous page by retrieving the PreviousPage Url from ViewState.
        }
    }
    public void show(object sender, EventArgs e)
    {
        
        visa.Visible = true;
        
    }
    public void hide(object sender, EventArgs e)
    {
        visa.Visible = false;
    }
    public void thanhtoan(object sender, EventArgs e)
    {
        if (Session["User"] == null)
        {
            Response.Redirect("chuadangnhap.aspx");
        }       
        string hoten = NguoiNhan.ten;
        string diachi = NguoiNhan.diaChi;
        string sodienthoai = NguoiNhan.soDienThoai;
        string tinhthanh = NguoiNhan.tinh_Thanh_Pho;
        string email = NguoiNhan.email;
        string sql = "";
        connection ketnoi = new connection();
        ketnoi.Open();
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string user = Session["User"].ToString();
        Double tongtien = Convert.ToDouble(Session["tongtien"]);


        sql = "SELECT * FROM ACCOUNT AC, THANHVIEN TV WHERE AC.USERNAME = TV.USERNAME AND AC.USERNAME='" + user + "'";
        dt = ketnoi.return_table(ds,sql, "THANHVIEN");

        if (RadioButton2.Checked)
        {
            string orderNumber = "";
            string paymentAmount = Math.Round((Convert.ToDouble(Session["tongtien"]) / Convert.ToDouble(Session["tigia"])), 2).ToString();
            string buyerLastName = "";
            string buyerFirstName = "";
            string buyerAddress = "";
            string buyerCity = "";
            string buyerStateOrProvince = "";
            string buyerCountryCode = "VN";
            string buyerCountryName = "";
            string buyerZipCode = "";
            string creditCardType = "Visa";
            string creditCardNumber = Credit.Value;
            string CVV2 = CVV.Value;
            string expMonth = "11";
            string expYear = "2017";

            foreach (DataRow dr in dt.Rows)
            {
                //orderNumber = "";
                //paymentAmount = "";
                buyerLastName = dr["hoten"].ToString();
                //buyerFirstName = "";
                buyerAddress = dr["diachi"].ToString();
                buyerCity = dr["tinhthanh"].ToString();
                //buyerStateOrProvince = "";
                //buyerCountryCode = "";
                //buyerCountryName = "";
                //buyerZipCode = "";
                //creditCardType = "";
            }

            PayPalGateway pp = new PayPalGateway();
            PayPalReturn rv = pp.Pay(orderNumber, paymentAmount, buyerLastName, buyerFirstName, buyerAddress, buyerCity, buyerStateOrProvince, buyerCountryCode, buyerCountryName, buyerZipCode, creditCardType, creditCardNumber, CVV2, expMonth, expYear);
            //PayPalReturn rv = pp.Pay("123", "100", "Minh", "Phuong", "123 Nguyen Hue", "HCM", "CA", "US", "United States", "12345", "Visa", "4136631700097117", "123 k,", "11", "2017");
            if (rv.IsSucess)
            {
                //lblMsg.Text = "Your Invoice Number: " + rv.TransactionID;
                string maphieumua = "";
                if (Request["sanpham"] != null)
                {
                    //tìm shop tương ứng với mã sản phẩm tương ứng
                    string str = Request["sanpham"];
                    string soluong = Request["soluong"];
                    sql = "SELECT shop.mashop from shop, sanpham where sanpham.masanpham = '" + str + "' and sanpham.mashop = shop.mashop";
                    string mashop=ketnoi.Execute_reader(sql, "mashop");
                    /*
                     insert vào bảng phiếu mua sản phẩm
                     */

                    sql = "exec dbo.them_phieumua '" + mashop + "','" + user + "'," + tongtien + ",1";
                    maphieumua = ketnoi.Execute_reader(sql, "maphieu");
                    sql = "exec dbo.them_nguoinhan " + maphieumua + ",'" + hoten + "','" + sodienthoai + "','" + email + "','" + tinhthanh + "','" + diachi + "'";
                    ketnoi.Execute_noquery(sql);
                    /////////////////////////////////////////////////////////
                    sql = "SELECT masanpham," + soluong + " as soluong," + soluong + "*giasanpham as tongtien FROM SANPHAM where masanpham='" + str + "'";
                    dt = ketnoi.return_table(ds,sql, "SANPHAM");
                }
                if (Request["shop"] != null)
                {
                    string shop = Request["shop"];

                    sql = "exec dbo.them_phieumua '" + shop + "','" + user + "'," + tongtien + ",1";
                    maphieumua = ketnoi.Execute_reader(sql, "maphieu");

                    sql = "exec dbo.them_nguoinhan " + maphieumua + ",'" + hoten + "','" + sodienthoai + "','" + email + "','" + tinhthanh + "','" + diachi + "'";
                    ketnoi.Execute_noquery(sql);

                    List<string> list = new List<string>();
                    list = (List<string>)Session["Cart"];
                    foreach (var item in list)
                    {
                        string[] t = item.Split('-');
                        string sanpham = t[0];
                        string soluong = t[1];
                        sql = "select masanpham," + t[1] + " as soluong," + t[1] + " * giasanpham as tongtien from Shop s,Sanpham sp where sp.Masanpham ='" + t[0] + "' and s.Mashop = sp.Mashop and s.Mashop='" + shop + "'";
                        dt = ketnoi.return_table(ds,sql, "SANPHAM_SHOP");
                     
                    }
                }
                List<string> list_remove = new List<string>();
                list_remove = (List<string>)Session["Cart"];
                foreach (DataRow dr in dt.Rows)
                {
                    sql = "exec dbo.them_chitietphieumua '" + dr["masanpham"].ToString() + "','"+maphieumua+"','" + dr["soluong"].ToString() + "','" + dr["tongtien"].ToString() + "'";
                    ketnoi.Execute_noquery(sql);
                    if (Request["shop"] != null)
                    {
                        string item = dr["masanpham"].ToString() + '-' + dr["soluong"].ToString();
                        list_remove.Remove(item);
                    }
                }
                Session["Cart"] = list_remove;
            }
            else
            {
                //lblMsg.Text = "Error process: " + rv.ErrorMessage;
            }
            //}
        }
        else
        {
            string maphieumua ="";
            if (Request["sanpham"] != null)
            {
                //tìm shop tương ứng với mã sản phẩm tương ứng
                string str = Request["sanpham"];
                string soluong = Request["soluong"];
                sql = "SELECT shop.mashop from shop, sanpham where sanpham.masanpham = '" + str + "' and sanpham.mashop = shop.mashop";
                string mashop = ketnoi.Execute_reader(sql, "mashop");
                /*
                 insert vào bảng phiếu mua sản phẩm
                 */

                sql = "exec dbo.them_phieumua '" + mashop + "','" + user + "'," + tongtien + ",0";
                maphieumua = ketnoi.Execute_reader(sql, "maphieu");
                


                sql = "exec dbo.them_nguoinhan " + maphieumua + ",'" + hoten + "','" + sodienthoai + "','" + email + "','" + tinhthanh + "','" + diachi + "'";
                ketnoi.Execute_noquery(sql);
                /////////////////////////////////////////////////////////
                sql = "SELECT masanpham," + soluong + " as soluong," + soluong + "*giasanpham as tongtien FROM SANPHAM where masanpham='" + str + "'";
                dt = ketnoi.return_table(ds,sql, "SANPHAM");
            }
            if (Request["shop"] != null)
            {
                string shop = Request["shop"];

                sql = "exec dbo.them_phieumua '" + shop + "','" + user + "'," + tongtien + ",0";
                maphieumua = maphieumua = ketnoi.Execute_reader(sql, "maphieu");

                sql = "exec dbo.them_nguoinhan " + maphieumua + ",'" + hoten + "','" + sodienthoai + "','" + email + "','" + tinhthanh + "','" + diachi + "'";
                ketnoi.Execute_noquery(sql);

                List<string> list = new List<string>();
                list = (List<string>)Session["Cart"];
                foreach (var item in list)
                {
                    string[] t = item.Split('-');
                    string sanpham = t[0];
                    string soluong = t[1];
                    sql = "select masanpham," + t[1] + " as soluong," + t[1] + " * giasanpham as tongtien from Shop s,Sanpham sp where sp.Masanpham ='" + t[0] + "' and s.Mashop = sp.Mashop and s.Mashop='" + shop + "'";
                    dt = ketnoi.return_table(ds,sql, "SANPHAM_SHOP");

                }
            }
            List<string> list_remove = new List<string>();
            list_remove = (List<string>)Session["Cart"];
            foreach (DataRow dr in dt.Rows)
            {
                sql = "exec dbo.them_chitietphieumua '" + dr["masanpham"].ToString() + "','" + maphieumua + "','" + dr["soluong"].ToString() + "','" + dr["tongtien"].ToString() + "'";
                ketnoi.Execute_noquery(sql);
                if (Request["shop"] != null)
                {
                    string item = dr["masanpham"].ToString() + '-' + dr["soluong"].ToString();
                    list_remove.Remove(item);
                }
            }
            Session["Cart"] = list_remove;
        }
        Response.Redirect("home.aspx");

    }
   
}